media-processing
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The bash scripts batch-remove-background.sh and remove-background.sh automatically attempt to install the rmbg-cli package globally via npm if the dependency is not detected.
- [COMMAND_EXECUTION]: Python scripts including batch_resize.py, media_convert.py, and video_optimize.py utilize the subprocess module to execute system binaries like ffmpeg, ffprobe, and magick, which are parameterized by user-supplied input paths.
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8).
- Ingestion points: The skill reads metadata and content from user-provided images, video, and audio files through various processing scripts.
- Boundary markers: No explicit delimiters or instructions are used to separate untrusted media content from the agent's instructions.
- Capability inventory: The skill possesses system capabilities including shell command execution and file system modification.
- Sanitization: There is no evidence of validation or sanitization for media file metadata, which could be exploited to manipulate the agent's behavior.
Audit Metadata